US7730307B2 - Secure ADS-B authentication system and method - Google Patents

Secure ADS-B authentication system and method Download PDF

Info

Publication number
US7730307B2
US7730307B2 US11/401,017 US40101706A US7730307B2 US 7730307 B2 US7730307 B2 US 7730307B2 US 40101706 A US40101706 A US 40101706A US 7730307 B2 US7730307 B2 US 7730307B2
Authority
US
United States
Prior art keywords
ads
secure
transmitter
data
authenticator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US11/401,017
Other versions
US20070239986A1 (en
Inventor
Marc J Viggiano
Edward M Valovage
Kenneth B Samuelson
Dana L Hall
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Saab Inc
Original Assignee
Sensis Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US11/401,017 priority Critical patent/US7730307B2/en
Application filed by Sensis Corp filed Critical Sensis Corp
Assigned to SENSIS CORPORATION reassignment SENSIS CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VALOVAGE, EDWARD M., VIGGIANO, MARC J.
Priority to PCT/US2007/065759 priority patent/WO2007115246A1/en
Assigned to CITIZENS BANK, N.A. reassignment CITIZENS BANK, N.A. SECURITY AGREEMENT Assignors: SENSIS CORPORATION
Publication of US20070239986A1 publication Critical patent/US20070239986A1/en
Assigned to NASA reassignment NASA CONFIRMATORY LICENSE (SEE DOCUMENT FOR DETAILS). Assignors: SENSIS CORPORATION
Assigned to NASA reassignment NASA CONFIRMATORY LICENSE (SEE DOCUMENT FOR DETAILS). Assignors: SENSIS CORPORATION
Assigned to SENSIS CORPORATION reassignment SENSIS CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: HALL, DANA L., SAMUELSON, KENNETH B.
Assigned to RBS CITIZENS, NATIONAL ASSOCIATION AS ADMINISTRATIVE AGENT AND LENDER reassignment RBS CITIZENS, NATIONAL ASSOCIATION AS ADMINISTRATIVE AGENT AND LENDER SECURITY AGREEMENT Assignors: SENSIS CORPORATION
Publication of US7730307B2 publication Critical patent/US7730307B2/en
Application granted granted Critical
Assigned to Saab Sensis Corporation reassignment Saab Sensis Corporation CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: SENSIS CORPORATION
Assigned to SAAB, INC. reassignment SAAB, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: Saab Sensis Corporation
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Definitions

  • the present invention relates to the general area of ADS-B (Automatic Dependent Surveillance-Broadcast, a field of aviation surveillance) and in particular to a method and apparatus for securely authenticating aircraft identity from unencrypted or encrypted broadcast ADS-B position report message (hereinafter ADS-B message) data, providing enhanced security in an airspace.
  • ADS-B message Automatic Dependent Surveillance-Broadcast, a field of aviation surveillance
  • ADS-B is a technology that is being developed and deployed around the world to enhance aviation safety by allowing aircraft to make accurate and timely reports of their position, velocity, identification, capability, and intentions.
  • the current ADS-B message protocol lacks any identity authentication scheme and ADS-B data is currently broadcast without encryption or other security measures.
  • the current direction in air traffic control is to rely on the ADS-B message data for the control and management of air traffic. This leaves the current ATC system vulnerable to broadcast of false identification data.
  • What is needed is a method of authenticating an aircraft's identity, thereby making it more difficult for unauthorized third parties to enter a given air traffic control region by broadcasting false identification data for an aircraft, without adversely affecting the data throughput of the air traffic control system.
  • This invention addresses these problems by employing cryptographic techniques as part of an authentication scheme to enhance the security of the ADS-B system.
  • the method for securely authenticating identity between an authenticator system and an ADS-B transmitter system includes the steps of: generating a unique identifier at the authenticator system; transmitting an authentication challenge containing the unique identifier to the ADS-B transmitter system; generating a secure output by inputting the received unique identifier, the ADS-B transmitter system's specific data, ID and secret-key into a secure process at the ADS-B transmitter's system; generating a secure code by inputting the ADS-B transmitter-generated secure output into a second secure process; transmitting the ADS-B transmitter-generated secure code, the ADS-B transmitter's specific data and ID to the authenticator's system; receiving the ADS-B transmitter's transmitted response containing the ADS-B transmitter-generated secure code, specific data and ID; the authenticator
  • the secure authentication ADS-B system and method of the present invention overcomes the authentication vulnerability of an airspace by providing a means for authenticating ADS-B equipped platform's identity.
  • FIG. 1 is a block diagram of a secure ADS-B authentication system in accordance with one embodiment of the present invention.
  • FIG. 2 is a block diagram of an unsolicited ADS-B authentication system in accordance with a second embodiment of the present invention.
  • FIG. 3 is a block diagram of an encrypted ADS-B authentication system in accordance with a third embodiment of the present invention.
  • the authentication apparatus of the present invention includes an ADS-B system and secure processing including memory for loading and storing an ADS-B equipped platform's secret key.
  • the authentication apparatus of the authentication challenging system further includes a unique identifier generator and identity authentication processing including comparison processing for comparing the independently generated authentication codes.
  • the authentication system includes a user interface to enter a pilot's personal identification number (PIN).
  • the authentication challenging system and ADS-B transmitter system also include an encryption system to encrypt and decrypt the ADS-B broadcast position message(s) (hereinafter ADS-B message).
  • One embodiment of the authentication apparatus and method of the present invention employs an authentication challenge-response methodology and encryption techniques to authenticate the identity of an ADS-B equipped aircraft, vehicle or station, as shown in FIG. 1 .
  • data paths to air traffic control systems and aircraft flight systems, for example, are not depicted in FIGS. 1-3 .
  • each aircraft transiting through an airspace is broadcasting its specific position data 24 and a unique ID 22 , for example, a Mode S address.
  • the authentication challenge 12 is transmitted from an ADS-B equipped aircraft, vehicle, vessel or ground station (hereinafter Authenticator).
  • This invention applies an authentication scheme and optional encryption to provide greater assurance that an ADS-B equipped aircraft, vehicle, vessel or station (hereinafter ADS-B transmitter) is who it says it is.
  • ADS-B transmitter an ADS-B equipped aircraft, vehicle, vessel or station
  • each aircraft is broadcasting its ID 22 and specific data 24 in an unencrypted form.
  • the authentication challenge 12 is transmitted from a ground station as part of the uplink data.
  • the unique identifier is a data field generated by unique identifier generator 14 that is part of the system of the Authenticator 10 .
  • the unique identifier generator 14 comprises a random number generator. While the unique identifier can be random values, it need only be unique so that an attacker cannot “learn” a valid response by observing the challenges 12 of the authenticator and the corresponding responses 38 .
  • the Authenticator's system generates a unique identifier and transmits an authentication challenge 12 , which includes the unique identifier to the ADS-B transmitter 20 .
  • the ADS-B transmitter 20 inputs the unique identifier, the ADS-B transmitter's ID 22 and specific data 24 into the authentication processing to generate its authentication challenge response.
  • the ADS-B transmitter's specific data 24 may include such data as position, velocity, and intent as might be provided by a flight management system.
  • the authentication processing of the ADS-B transmitter system comprises a secret-key 36 , a secure hash generator 40 and a Message Authentication Code (MAC) generator 35 , which transform the input data into a MAC 38 .
  • the MAC 38 , the ADS-B transmitter's ID 22 and the ADS-B transmitter's specific data 24 are then transmitted to the Authenticator 10 in an authentication response 18 .
  • the MAC 38 is transmitted as part of a 1090 MHz ADS-B message using unused and/or reserved bits in the ADS-B 1090 MHz broadcast message format.
  • the MAC 38 is transmitted in response to an authentication challenge 12 as part of the ADS-B UAT broadcast position message, using unused and/or reserved bits in the ADS-B UAT message format.
  • the ADS-B UAT broadcast position message is broadcast approximately every second by ADS-B UAT equipped aircraft and vehicles.
  • Authenticator 10 may receive an ADS-B transmitter's ID 22 and specific data 24 after transmitting the authentication challenge 12 .
  • the Authenticator 10 When the Authenticator 10 receives the ADS-B transmitter's authentication response 18 , in either encrypted or unencrypted form, the Authenticator 10 inputs the locally generated unique identifier, with the received ADS-B transmitter's ID 32 , and specific data 34 and the secret-key 36 a into a secure hash generator 50 , to generate an Authenticator-generated secure hash value 52 .
  • the secure hash value 52 is input into the MAC generation processing 55 to generate an Authenticator-generated MAC 58 .
  • the Authenticator's system applies the received ADS-B transmitter-generated MAC 38 and the Authenticator-generated MAC 58 to comparator 60 to authenticate the ADS-B transmitter's 20 identity.
  • an authentication signal 70 is produced indicating that the identity of the ADS-B transmitter is authenticated.
  • the Authenticator 10 if an ADS-B transmitter 20 fails two or more consecutive authentication response comparisons, the Authenticator 10 notifies a responsible higher command authority of the authentication failures, so that the responsible higher command authority can respond appropriately. In another embodiment, the Authenticator 10 issues an alert that is displayed to other ADS-B equipped aircraft, vehicles, vessels or stations.
  • an Authenticator 10 issues a broadcast authentication challenge 12 to ADS-B equipped platforms each broadcast cycle and the ADS-B equipped platforms authentication challenge response 18 is transmitted in the corresponding transmission cycle.
  • the authentication challenge 12 is broadcast in a newly-defined uplink format and the authentication response 18 is broadcast as part of the Mode S ADS-B message, using unused and/or reserved bits in Mode S ADS-B message.
  • the authentication challenge 12 is broadcast as part of a UAT Ground Uplink and the authentication response 18 is broadcast as part of the ADS-B UAT broadcast position message, using unused and/or reserved bits in ADS-B UAT message.
  • an Authenticator 10 issues addressed authentication challenges 12 to one or more ADS-B equipped platforms each broadcast cycle and each ADS-B transmitter system's authentication challenge response 18 is transmitted in the corresponding transmission cycle.
  • the secure hash generators, 40 and 50 contain a secure hash algorithm, which may be implemented in hardware or software and generate a secure hash value, 30 and 52 , as its output. However, according to the present invention the secure hash value, 30 and 52 , is input into the second secure process, which includes the MAC generator, 35 and 55 , that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58 .
  • the ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 to the Authenticator's authentication challenge 12 .
  • a MAC, 38 and 58 for example, contains a designated 16-bit or 8-bit block from the secure hash value, 30 and 52 .
  • the application of a MAC generator, 35 and 55 reduces the power of the long secure hash value, it is impractical for an attacker to correctly guess the MAC and limiting the size of the MAC 38 to a designated subset of bits alleviates the impact of the authentication scheme of the present invention on the bandwidth of Mode S, UAT or VDL Mode 4, for example.
  • the Authenticator 10 observes the ADS-B transmitter 20 , the strength of the authentication method and confidence in it quickly grows.
  • the MAC 38 is the last 8-bits of the computed secure hash value 30 .
  • the authentication apparatus and method of the present invention provides identity authentication without using the authentication challenge-response methodology for airspace in which lower levels of security are acceptable.
  • each ADS-B equipped aircraft inputs the ADS-B system's specific data 24 , ID 22 and secret code 36 into the system's secure processing to generate a secure MAC 38 for transmission in this method of unsolicited identity authentication.
  • the unique authentication challenge identifier is replaced with a default value, such as 0000 , for example, in the secure hash algorithm.
  • a different secure hash algorithm is used that does not have an authentication challenge input and the secure processing operates as described above.
  • a designated ADS-B system monitors the unsolicited identity authentication contained in the ADS-B messages. The monitoring ADS-B system performs the same processing steps as the ADS-B transmitter to generate the MAC and perform the comparison.
  • an ADS-B transmitter's secret-key 36 must be available to both the ADS-B transmitter 20 and the Authenticator 10 .
  • the Authenticator 10 will transmit broadcast authentication challenges 12 to ADS-B transmitters 20 at regular intervals, requiring all ADS-B equipped platforms to respond.
  • the Authenticator 10 will transmit addressed authentication challenges 12 to one or more ADS-B transmitters 20 every reporting cycle (each second for example).
  • the Authenticator 10 will transmit broadcast authentication challenges 12 and addressed authentication challenges 12 to one or more ADS-B transmitters 20 at regular intervals.
  • each ADS-B transmitter 20 has its own secret-key 36 .
  • Each ADS-B transmitter 20 having its own secret-key 36 also helps protect the ADS-B system from a system wide attack.
  • the secret-key 36 can be of any agreed-upon length, and the length maybe varied for military or other unique applications.
  • the secret key can be composed of a predefined combination of any number of separate key values and thus provide an authentication of any number of individual entities.
  • a secret key can be composed of the combination of a secret binary number stored in the ADS-B transceiver of an aircraft and a Personal Identification Number (PIN) assigned to the pilot.
  • PIN Personal Identification Number
  • the successful authentication check by the authenticator gives an assurance that the ADS-B message came from the aircraft that the message claims it to be from, and that the pilot is the authorized pilot for that flight.
  • the key can be the combination of the ADS-B transceiver secret binary number and the pilot PIN as in the last embodiment plus an additional PIN entered by a cargo dispatcher certifying that the cargo has had the required screening. Additional PINs can be supplied by other authorized people monitoring other phases of the flight on the ground or in the air. Additional binary values obtained from other systems on board the aircraft or station transmitting the ADS-B message.
  • the secret key used by the ADS-B transmitter 20 must be discoverable by the Authenticator 10 .
  • the Authenticator 10 has access to a database of flight plan data, associating a flight with the pilots, aircraft, cargo or passenger dispatcher, or any other authorized people monitoring other phases of the flight on the ground or in the air.
  • the Authenticator 10 can then use this flight plan database along with identifying content of the ADS-B message to determine the pilots, aircraft, cargo or passenger dispatcher, or any other authorized people monitoring other phases of the flight, and to look up in a secure database the corresponding PINs and/or secret binary numbers comprising the secret key.
  • the identifying content of the ADS-B message is the aircraft Mode-S address.
  • the identifying content is the Mode 3/A code.
  • the secure hash algorithm, 40 and 50 can operate on the ADS-B transmitter ID, 22 and 32 , and specific data, 24 and 34 , in an unencrypted form, as shown on FIG. 1 .
  • the secure hash algorithm, 40 and 50 can operate on the ADS-B transmitter ID 32 and specific data 34 in an encrypted form, as shown on FIG. 3 .
  • the Authenticator 10 must use the ADS-B transmitter's ID 32 and specific data 34 in the secure hash algorithm 50 , prior to decryption. Note that the determination by the authenticator of the secret key to use, discussed in paragraphs [0021] and [0022], must come from knowledge of the identity of the ADS-B transmitter.
  • the encryption scheme encrypts this information, it must be decrypted before determining the identity. This process is not elaborated in FIG. 3 .
  • some aircraft are broadcasting their ID 32 and specific data 34 in an encrypted form and other aircraft are broadcasting their ID 32 and specific data 34 in an unencrypted form.
  • a hash size of 128 bits has 2 128 possible values and the probability of correctly guessing it is the reciprocal of that number. Although this is a very small probability, in the general field of cryptographic authentication, this is minimally acceptable.
  • broadcasting a 128-bit or larger hash value is impractical due to the small message sizes, but notably the probability of guessing the hash value does not have to be extremely low. The reason for this is as follows. In a typical authentication application, an attacker experiences no penalty or risk in making a wrong guess.
  • one successful guess represents a successful attack (for example, gaining login access to a computer).
  • the messages with authentication hashes occur one or more times per second as an aircraft flies through a region.
  • An attacker gains little by correctly guessing one of the hashes. All of the hashes must be correct to be authenticated. Additionally, an incorrect hash is immediately obvious and makes the target suspect. For this reason, a much smaller hash, say 8 bits or fewer, is quite acceptable for ADS-B. With each transmitted ADS-B message, the probability of guessing the correct hash for that message and all of the previous ones grows smaller and the strength of the authentication increases.
  • the ADS-B transmitter's secure hash value 30 is input into a message authentication code (MAC) generator 35 , which generates a message authentication code (MAC) 38 for the ADS-B transmitter 20 .
  • the Authenticator 10 inputs its secure hash value 52 into MAC generator 55 to generate its MAC 58 .
  • the transmitted MAC 38 contains fewer bits than the associated secure hash value 30 .
  • the MAC, 38 and 58 contains a truncated subset of the secure hash value, 30 .
  • the MAC, 38 and 58 is generated by using a moving bit pattern of a predetermined length, for example, 8-bits, with the bits selection based on a predetermined sequence, to truncate the MAC generator output.
  • the predetermined bit selection sequence changes at predetermined intervals.
  • the MAC, 38 and 58 comprises a predetermined subset of bits that are non-contiguous.
  • the number of bits in the predetermined pattern is 8-bits or less.
  • the authentication challenge 12 unique identifier is 16-bits in length.
  • the ADS-B transmitter specific data 34 may be transmitted as encrypted data or unencrypted data (i.e., sent in-the-clear).
  • the ADS-B transmitter's ID, 22 and 32 is a constant value of constant length.
  • the ADS-B transmitter's specific data 24 and 34 will comprise a segment of allocated bits in a standard ADS-B message.
  • the number of bits comprising the ADS-B transmitter's specific data 24 and 34 is typically defined by international standard.
  • a Mode-S message contains 112-bits of data and a Universal Access Transceiver (UAT) message contains either 240-bits or 384-bits of data.
  • UAT Universal Access Transceiver
  • a ground station transmits a MAC in the uplink message so that transiting aircraft can authenticate the transmitting ground station's identity.
  • transiting aircraft can request authentication of ground stations or vehicles.
  • the identification, 22 and 32 , and specific data, 24 and 34 , used in the secure hash algorithm is the ground station ID and designated up-link data, such as weather data, in place of Mode S ID, position, and velocity. The method described herein is valid and useful as long as the data used to authenticate the ground station is predetermined and agreed in advance, and the same data used to generate the MAC, 38 and 58 , for comparison 60 .
  • the ADS-B transmitter system Where an ADS-B transmitter system has not received an authentication challenge, the ADS-B transmitter system generates a MAC using the challenge unique identifier from the most recent received authentication challenge, in one specific embodiment of the present invention.
  • the authenticator recomputes the MAC using the last challenge unique identifier for the ADS-B transmitter, thereby reducing false identity authentication comparisons.
  • the ADS-B transmitter system generates a MAC using a predetermined default value for the challenge unique identifier where the ADS-B transmitter system has not received an authentication challenge.
  • the authenticator recomputes the MAC using the predetermined default value.
  • the pilot or operator of the ADS-B transmitter system can turn the authentication system of the present invention ON/OFF.

Abstract

A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

Description

The Government of the United States of America has rights in this invention pursuant to Cooperative Agreement NNC05AA02A, awarded by the National Aeronautic and Space Administration (NASA).
CROSS REFERENCE TO RELATED APPLICATION
This application is related to U.S. patent application Ser. No. 10/285,070 filed Oct. 31, 2002, the entirety of which is incorporated herein by reference.
FIELD OF THE INVENTION
The present invention relates to the general area of ADS-B (Automatic Dependent Surveillance-Broadcast, a field of aviation surveillance) and in particular to a method and apparatus for securely authenticating aircraft identity from unencrypted or encrypted broadcast ADS-B position report message (hereinafter ADS-B message) data, providing enhanced security in an airspace.
BACKGROUND OF THE INVENTION
ADS-B is a technology that is being developed and deployed around the world to enhance aviation safety by allowing aircraft to make accurate and timely reports of their position, velocity, identification, capability, and intentions. The current ADS-B message protocol lacks any identity authentication scheme and ADS-B data is currently broadcast without encryption or other security measures. In addition, the current direction in air traffic control is to rely on the ADS-B message data for the control and management of air traffic. This leaves the current ATC system vulnerable to broadcast of false identification data.
What is needed is a method of authenticating an aircraft's identity, thereby making it more difficult for unauthorized third parties to enter a given air traffic control region by broadcasting false identification data for an aircraft, without adversely affecting the data throughput of the air traffic control system.
This invention addresses these problems by employing cryptographic techniques as part of an authentication scheme to enhance the security of the ADS-B system.
SUMMARY OF THE INVENTION
One embodiment of the secure authentication ADS-B system and method of this invention requires ADS-B systems to respond to authentication challenges, verifying the identity of the ADS-B systems using an authentication challenge-response format. In this embodiment, the method for securely authenticating identity between an authenticator system and an ADS-B transmitter system includes the steps of: generating a unique identifier at the authenticator system; transmitting an authentication challenge containing the unique identifier to the ADS-B transmitter system; generating a secure output by inputting the received unique identifier, the ADS-B transmitter system's specific data, ID and secret-key into a secure process at the ADS-B transmitter's system; generating a secure code by inputting the ADS-B transmitter-generated secure output into a second secure process; transmitting the ADS-B transmitter-generated secure code, the ADS-B transmitter's specific data and ID to the authenticator's system; receiving the ADS-B transmitter's transmitted response containing the ADS-B transmitter-generated secure code, specific data and ID; the authenticator independently determining the ADS-B transmitter system's secret-key; generating a secure output by inputting the unique identifier, the ADS-B transmitter's specific data, ID and secret-key in secure processing at the authenticator; generating a secure code by inputting the requestor-generated secure output into a second secure process; comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code using comparison processing; and authenticating the ADS-B transmitter's identity by determining that the authenticator-generated secure code and the ADS-B transmitter-generated secure code are the same.
The secure authentication ADS-B system and method of the present invention overcomes the authentication vulnerability of an airspace by providing a means for authenticating ADS-B equipped platform's identity.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of a secure ADS-B authentication system in accordance with one embodiment of the present invention.
FIG. 2 is a block diagram of an unsolicited ADS-B authentication system in accordance with a second embodiment of the present invention.
FIG. 3 is a block diagram of an encrypted ADS-B authentication system in accordance with a third embodiment of the present invention.
 DETAILED DESCRIPTION OF THE INVENTION
The authentication apparatus of the present invention includes an ADS-B system and secure processing including memory for loading and storing an ADS-B equipped platform's secret key. The authentication apparatus of the authentication challenging system further includes a unique identifier generator and identity authentication processing including comparison processing for comparing the independently generated authentication codes. In one embodiment of the present invention, the authentication system includes a user interface to enter a pilot's personal identification number (PIN). In another embodiment, the authentication challenging system and ADS-B transmitter system also include an encryption system to encrypt and decrypt the ADS-B broadcast position message(s) (hereinafter ADS-B message).
One embodiment of the authentication apparatus and method of the present invention employs an authentication challenge-response methodology and encryption techniques to authenticate the identity of an ADS-B equipped aircraft, vehicle or station, as shown in FIG. 1. It should be noted that data paths to air traffic control systems and aircraft flight systems, for example, are not depicted in FIGS. 1-3. In operation, each aircraft transiting through an airspace is broadcasting its specific position data 24 and a unique ID 22, for example, a Mode S address. The authentication challenge 12 is transmitted from an ADS-B equipped aircraft, vehicle, vessel or ground station (hereinafter Authenticator). This invention applies an authentication scheme and optional encryption to provide greater assurance that an ADS-B equipped aircraft, vehicle, vessel or station (hereinafter ADS-B transmitter) is who it says it is. In one embodiment of the present invention, each aircraft is broadcasting its ID 22 and specific data 24 in an unencrypted form. In another embodiment of the present invention, the authentication challenge 12 is transmitted from a ground station as part of the uplink data. The unique identifier is a data field generated by unique identifier generator 14 that is part of the system of the Authenticator 10.
In one embodiment of the present invention, the unique identifier generator 14 comprises a random number generator. While the unique identifier can be random values, it need only be unique so that an attacker cannot “learn” a valid response by observing the challenges 12 of the authenticator and the corresponding responses 38. The Authenticator's system generates a unique identifier and transmits an authentication challenge 12, which includes the unique identifier to the ADS-B transmitter 20. The ADS-B transmitter 20 inputs the unique identifier, the ADS-B transmitter's ID 22 and specific data 24 into the authentication processing to generate its authentication challenge response. The ADS-B transmitter's specific data 24 may include such data as position, velocity, and intent as might be provided by a flight management system. In one embodiment of the present invention, the authentication processing of the ADS-B transmitter system comprises a secret-key 36, a secure hash generator 40 and a Message Authentication Code (MAC) generator 35, which transform the input data into a MAC 38. The MAC 38, the ADS-B transmitter's ID 22 and the ADS-B transmitter's specific data 24 are then transmitted to the Authenticator 10 in an authentication response 18.
In one preferred embodiment of the present invention, the MAC 38 is transmitted as part of a 1090 MHz ADS-B message using unused and/or reserved bits in the ADS-B 1090 MHz broadcast message format. In another preferred embodiment, the MAC 38 is transmitted in response to an authentication challenge 12 as part of the ADS-B UAT broadcast position message, using unused and/or reserved bits in the ADS-B UAT message format. The ADS-B UAT broadcast position message is broadcast approximately every second by ADS-B UAT equipped aircraft and vehicles. Authenticator 10 may receive an ADS-B transmitter's ID 22 and specific data 24 after transmitting the authentication challenge 12.
When the Authenticator 10 receives the ADS-B transmitter's authentication response 18, in either encrypted or unencrypted form, the Authenticator 10 inputs the locally generated unique identifier, with the received ADS-B transmitter's ID 32, and specific data 34 and the secret-key 36 a into a secure hash generator 50, to generate an Authenticator-generated secure hash value 52. The secure hash value 52 is input into the MAC generation processing 55 to generate an Authenticator-generated MAC 58. The Authenticator's system applies the received ADS-B transmitter-generated MAC 38 and the Authenticator-generated MAC 58 to comparator 60 to authenticate the ADS-B transmitter's 20 identity. If the MAC 38 received from the ADS-B transmitter 20 matches the Authenticator-generated MAC 58, an authentication signal 70 is produced indicating that the identity of the ADS-B transmitter is authenticated. In one embodiment of the present invention, if an ADS-B transmitter 20 fails two or more consecutive authentication response comparisons, the Authenticator 10 notifies a responsible higher command authority of the authentication failures, so that the responsible higher command authority can respond appropriately. In another embodiment, the Authenticator 10 issues an alert that is displayed to other ADS-B equipped aircraft, vehicles, vessels or stations.
In one embodiment of the present invention, an Authenticator 10 issues a broadcast authentication challenge 12 to ADS-B equipped platforms each broadcast cycle and the ADS-B equipped platforms authentication challenge response 18 is transmitted in the corresponding transmission cycle. In a preferred embodiment, the authentication challenge 12 is broadcast in a newly-defined uplink format and the authentication response 18 is broadcast as part of the Mode S ADS-B message, using unused and/or reserved bits in Mode S ADS-B message. In another preferred embodiment, the authentication challenge 12 is broadcast as part of a UAT Ground Uplink and the authentication response 18 is broadcast as part of the ADS-B UAT broadcast position message, using unused and/or reserved bits in ADS-B UAT message. In another embodiment of the present invention, an Authenticator 10 issues addressed authentication challenges 12 to one or more ADS-B equipped platforms each broadcast cycle and each ADS-B transmitter system's authentication challenge response 18 is transmitted in the corresponding transmission cycle.
This secure ADS-B technique does not depend on any one specific secure hash algorithm. Some secure hash algorithms have response hashes that are longer than the standard ADS-B message size The secure hash generators, 40 and 50, contain a secure hash algorithm, which may be implemented in hardware or software and generate a secure hash value, 30 and 52, as its output. However, according to the present invention the secure hash value, 30 and 52, is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58. The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 to the Authenticator's authentication challenge 12. In one embodiment of the present invention, a MAC, 38 and 58, for example, contains a designated 16-bit or 8-bit block from the secure hash value, 30 and 52.
Although the application of a MAC generator, 35 and 55, reduces the power of the long secure hash value, it is impractical for an attacker to correctly guess the MAC and limiting the size of the MAC 38 to a designated subset of bits alleviates the impact of the authentication scheme of the present invention on the bandwidth of Mode S, UAT or VDL Mode 4, for example. As the Authenticator 10 observes the ADS-B transmitter 20, the strength of the authentication method and confidence in it quickly grows. In one embodiment, the MAC 38 is the last 8-bits of the computed secure hash value 30.
In another embodiment of the present invention, the authentication apparatus and method of the present invention provides identity authentication without using the authentication challenge-response methodology for airspace in which lower levels of security are acceptable. As shown in FIG. 2, each ADS-B equipped aircraft inputs the ADS-B system's specific data 24, ID 22 and secret code 36 into the system's secure processing to generate a secure MAC 38 for transmission in this method of unsolicited identity authentication. In one embodiment the unique authentication challenge identifier is replaced with a default value, such as 0000, for example, in the secure hash algorithm. In another embodiment, a different secure hash algorithm is used that does not have an authentication challenge input and the secure processing operates as described above. In a preferred embodiment, a designated ADS-B system monitors the unsolicited identity authentication contained in the ADS-B messages. The monitoring ADS-B system performs the same processing steps as the ADS-B transmitter to generate the MAC and perform the comparison.
In the authentication scheme of the present invention, an ADS-B transmitter's secret-key 36 must be available to both the ADS-B transmitter 20 and the Authenticator 10. In one embodiment of the present invention, the Authenticator 10 will transmit broadcast authentication challenges 12 to ADS-B transmitters 20 at regular intervals, requiring all ADS-B equipped platforms to respond. In another embodiment of the present invention, the Authenticator 10 will transmit addressed authentication challenges 12 to one or more ADS-B transmitters 20 every reporting cycle (each second for example). In yet another embodiment of the present invention, the Authenticator 10 will transmit broadcast authentication challenges 12 and addressed authentication challenges 12 to one or more ADS-B transmitters 20 at regular intervals.
Since there will be multiple ADS-B transmitters 20 being authenticated during any reporting cycle, it is preferable that each ADS-B transmitter 20 has its own secret-key 36. Each ADS-B transmitter 20 having its own secret-key 36 also helps protect the ADS-B system from a system wide attack. The secret-key 36 can be of any agreed-upon length, and the length maybe varied for military or other unique applications.
The secret key can be composed of a predefined combination of any number of separate key values and thus provide an authentication of any number of individual entities. For example, in one embodiment, a secret key can be composed of the combination of a secret binary number stored in the ADS-B transceiver of an aircraft and a Personal Identification Number (PIN) assigned to the pilot. In this embodiment, the successful authentication check by the authenticator gives an assurance that the ADS-B message came from the aircraft that the message claims it to be from, and that the pilot is the authorized pilot for that flight. In another embodiment, the key can be the combination of the ADS-B transceiver secret binary number and the pilot PIN as in the last embodiment plus an additional PIN entered by a cargo dispatcher certifying that the cargo has had the required screening. Additional PINs can be supplied by other authorized people monitoring other phases of the flight on the ground or in the air. Additional binary values obtained from other systems on board the aircraft or station transmitting the ADS-B message.
The secret key used by the ADS-B transmitter 20 must be discoverable by the Authenticator 10. In one embodiment, the Authenticator 10 has access to a database of flight plan data, associating a flight with the pilots, aircraft, cargo or passenger dispatcher, or any other authorized people monitoring other phases of the flight on the ground or in the air. The Authenticator 10 can then use this flight plan database along with identifying content of the ADS-B message to determine the pilots, aircraft, cargo or passenger dispatcher, or any other authorized people monitoring other phases of the flight, and to look up in a secure database the corresponding PINs and/or secret binary numbers comprising the secret key. In one specific embodiment for air traffic control, the identifying content of the ADS-B message is the aircraft Mode-S address. In another specific embodiment the identifying content is the Mode 3/A code.
In one embodiment, the secure hash algorithm, 40 and 50, can operate on the ADS-B transmitter ID, 22 and 32, and specific data, 24 and 34, in an unencrypted form, as shown on FIG. 1. In another embodiment, the secure hash algorithm, 40 and 50, can operate on the ADS-B transmitter ID 32 and specific data 34 in an encrypted form, as shown on FIG. 3. In this case, the Authenticator 10 must use the ADS-B transmitter's ID 32 and specific data 34 in the secure hash algorithm 50, prior to decryption. Note that the determination by the authenticator of the secret key to use, discussed in paragraphs [0021] and [0022], must come from knowledge of the identity of the ADS-B transmitter. If the encryption scheme encrypts this information, it must be decrypted before determining the identity. This process is not elaborated in FIG. 3. In yet another embodiment of the present invention, some aircraft are broadcasting their ID 32 and specific data 34 in an encrypted form and other aircraft are broadcasting their ID 32 and specific data 34 in an unencrypted form.
One requirement for accepting a hash algorithm as sound is that there be no known method of determining the hash without the key that is better than brute force guessing. A hash size of 128 bits has 2128 possible values and the probability of correctly guessing it is the reciprocal of that number. Although this is a very small probability, in the general field of cryptographic authentication, this is minimally acceptable. In the ADS-B aviation application, broadcasting a 128-bit or larger hash value is impractical due to the small message sizes, but fortunately the probability of guessing the hash value does not have to be extremely low. The reason for this is as follows. In a typical authentication application, an attacker experiences no penalty or risk in making a wrong guess. In addition, one successful guess represents a successful attack (for example, gaining login access to a computer). In our aviation application, the messages with authentication hashes occur one or more times per second as an aircraft flies through a region. An attacker gains little by correctly guessing one of the hashes. All of the hashes must be correct to be authenticated. Additionally, an incorrect hash is immediately obvious and makes the target suspect. For this reason, a much smaller hash, say 8 bits or fewer, is quite acceptable for ADS-B. With each transmitted ADS-B message, the probability of guessing the correct hash for that message and all of the previous ones grows smaller and the strength of the authentication increases.
In one embodiment, the ADS-B transmitter's secure hash value 30 is input into a message authentication code (MAC) generator 35, which generates a message authentication code (MAC) 38 for the ADS-B transmitter 20. The Authenticator 10 inputs its secure hash value 52 into MAC generator 55 to generate its MAC 58. By design, the transmitted MAC 38 contains fewer bits than the associated secure hash value 30. In one embodiment of the present invention, the MAC, 38 and 58 contains a truncated subset of the secure hash value, 30. In another embodiment of the present invention, the MAC, 38 and 58, is generated by using a moving bit pattern of a predetermined length, for example, 8-bits, with the bits selection based on a predetermined sequence, to truncate the MAC generator output. In yet another embodiment, the predetermined bit selection sequence changes at predetermined intervals. In still another embodiment, the MAC, 38 and 58, comprises a predetermined subset of bits that are non-contiguous. In yet an additional embodiment, the number of bits in the predetermined pattern is 8-bits or less.
In one embodiment of the present invention, the authentication challenge 12 unique identifier is 16-bits in length. The ADS-B transmitter specific data 34 may be transmitted as encrypted data or unencrypted data (i.e., sent in-the-clear). The ADS-B transmitter's ID, 22 and 32, is a constant value of constant length. The ADS-B transmitter's specific data 24 and 34 will comprise a segment of allocated bits in a standard ADS-B message. The number of bits comprising the ADS-B transmitter's specific data 24 and 34 is typically defined by international standard. Currently, for example, a Mode-S message contains 112-bits of data and a Universal Access Transceiver (UAT) message contains either 240-bits or 384-bits of data.
While the specification describes the authentication of an aircraft by an authenticator, typically but not necessarily a ground station/authority, the method is equally applicable to authentication of the ground station by an aircraft or other user of information sent from the ground. In one embodiment of the present invention, a ground station transmits a MAC in the uplink message so that transiting aircraft can authenticate the transmitting ground station's identity. In another embodiment of the present invention, transiting aircraft can request authentication of ground stations or vehicles. In this embodiment, the identification, 22 and 32, and specific data, 24 and 34, used in the secure hash algorithm is the ground station ID and designated up-link data, such as weather data, in place of Mode S ID, position, and velocity. The method described herein is valid and useful as long as the data used to authenticate the ground station is predetermined and agreed in advance, and the same data used to generate the MAC, 38 and 58, for comparison 60.
Where an ADS-B transmitter system has not received an authentication challenge, the ADS-B transmitter system generates a MAC using the challenge unique identifier from the most recent received authentication challenge, in one specific embodiment of the present invention. Here, if the ADS-B transmitter's message fails the MAC comparison, the authenticator recomputes the MAC using the last challenge unique identifier for the ADS-B transmitter, thereby reducing false identity authentication comparisons. In another embodiment, the ADS-B transmitter system generates a MAC using a predetermined default value for the challenge unique identifier where the ADS-B transmitter system has not received an authentication challenge. In this case, if the ADS-B transmitter's message fails the MAC comparison, the authenticator recomputes the MAC using the predetermined default value. In yet another embodiment of the present invention, the pilot or operator of the ADS-B transmitter system can turn the authentication system of the present invention ON/OFF.
While the invention has been described in connection with a presently preferred embodiment thereof, those skilled in the art will appreciate that various modifications and changes may be made therein without departing from the true spirit and scope of the invention which is accordingly intended to be limited solely by the appended claims.

Claims (28)

1. A method for unsolicited identity authentication of an ADS-B system comprising the steps of:
(a) generating an authentication secure code by inputting said ADS-B transmitter system's specific data, ID and secret-key in secure processing in said ADS-B transmitter system;
(b) transmitting an ADS-B message comprising said ADS-B transmitter system's specific data, ID and secure code from said ADS-B transmitter system;
(c) receiving at least one of said ADS-B messages transmitted from said at least one ADS-B transmitter system at an authentication monitoring system;
(d) determining said at least one ADS-B transmitter system's secret-key independently at said authentication monitoring system;
(e) generating an authentication secure code by inputting said ADS-B transmitter system's specific data, ID and said ADS-B transmitter system's secret-key in secure processing in said authentication monitoring system;
(f) comparing said authentication monitoring system-generated secure code and said ADS-B transmitter-generated secure code using comparison processing for each of said at least one ADS-B transmitter system at said authentication monitoring system; and
(g) authenticating said ADS-B transmitter system's identity where the output of said comparison processing is said authentication monitoring system-generated secure code and said ADS-B transmitter-generated secure code are the same,
wherein said secure processing at said ADS-B transmitter and said authentication monitoring system further comprises the steps of:
generating a secure data string of given length from a first secure data process wherein said first secure data process is a secure hash algorithm and said output of said first secure data process is a hash value;
inputting said secure data string of given length into a second secure data process wherein said second secure data process is a message authentication code (MAC) generator and said output of said second secure data process is a MAC; and
receiving a secure code generated by said second secure data process, wherein said secure code contains fewer bits than said secure data string of given length from said first secure data process and said secure code is 16 bits or less in length.
2. The method of claim 1 further comprising encrypting said ADS-B system specific data and ID prior to transmission.
3. The method of claim 1 wherein said authentication monitoring system is a ground station.
4. The method of claim 1 wherein said authentication monitoring system is an ADS-B equipped aircraft or an ADS-B equipped vessel.
5. A method for securely authenticating identity between an authenticator's system and at least one ADS-B transmitter's system comprising the steps of:
(a) generating a unique identifier at said authenticator's system;
(b) transmitting an authentication challenge containing said unique identifier to said at least one ADS-B transmitter's system;
(c) generating an authentication secure code by inputting said received unique identifier, ADS-B transmitter system's specific data, ID and secret-key in secure processing in said at least one ADS-B transmitter's system;
(d) transmitting an authentication challenge response comprising said ADS-B transmitter-generated secure code, said ADS-B transmitter specific data and ID from said at least one ADS-B transmitter's system to said authenticator's system;
(e) receiving said authentication challenge response transmitted from said at least one ADS-B transmitter's system at said authenticator's system;
(f) determining said at least one ADS-B transmitter system's secret-key independently;
(g) generating an authentication secure code by inputting said unique identifier, said ADS-B transmitter system's specific data, ID and said ADS-B transmitter system's secret-key in secure processing in said authenticator's system;
(h) comparing said authenticator-generated secure code and said ADS-B transmitter-generated secure code using comparison processing for each of said at least one ADS-B transmitter system; and
(i) authenticating said ADS-B transmitter system's identity where the output of said comparison processing is said authenticator-generated secure code and said ADS-B transmitter-generated secure code are the same,
wherein said secure processing at said ADS-B transmitter system and said authenticator system further comprises the steps of:
generating a secure data string of given length from a first secure data process wherein said first secure data process is a secure hash algorithm and said output of said first secure data process is a hash value,
inputting said secure data string of given length from said first secure data process into a second secure data process wherein said second secure data process is a message authentication code (MAC) generator and said output of said second secure data process is a MAC; and
receiving a secure code generated by said second secure data process, wherein said secure code contains fewer bits than said secure data string of given length from said first secure data process and said secure code is 16 bits or less in length.
6. The method of claim 5 further comprising encrypting said ADS-B transmitter's system data prior to transmission to said authenticator system.
7. The method of claim 6 further comprising inputting said ADS-B transmitter's system data to said secure data process prior to decryption by said authenticator system, wherein said ADS-B transmitter's system data is encrypted prior to being input into said secure process at said ADS-B transmitter system.
8. The method of claim 6 further comprising inputting said ADS-B transmitting system data to said secure data process after decryption at said authenticator system, wherein said ADS-B transmitter's system data is input into said secure process at said ADS-B transmitter system prior to being encrypted.
9. The method of claim 5 wherein determining said at least one ADS-B transmitter system's secret-key comprises generating said secret-key by inputting at least one of flight ID, personal identification number (PIN) of assigned pilot or other authorized personnel and said ADS-B transmitter system's mode S address into a key generation algorithm.
10. The method of claim 5 wherein determining said at least one ADS-B transmitter system's secret-key comprises a database look-up of said secret key.
11. The method of claim 5 wherein said second secure process further comprises the steps of: selecting a subset of bits from said secure data string of given length output by said first secure process using a selection of bits that changes for each message according to a predetermined pattern of bit selection.
12. The method of claim 11 further comprising: changing said predetermined pattern of bit selection automatically at predetermined intervals.
13. The method of claim 5 wherein said second secure process further comprises the steps of: selecting a predetermined subset of contiguous or non-contiguous bits from said secure data string of given length output from said first secure process.
14. The method of claim 5 further comprising outputting said secure code of any length equal to or less than the secure hash algorithm output.
15. A method for secure authentication between two or more ADS-B equipped systems comprising:
(a) generating a unique identifier in a unique identifier generator in an authenticator system;
(b) communicating said unique identifier in an authentication challenge from said authenticator system to one or more ADS-B transmitter systems;
(c) receiving said authentication challenge containing said unique identifier communicated by said authenticator system at said one or more ADS-B transmitter systems;
(d) inputting data comprising said unique identifier, ADS-B transmitter system specific data, ID and secret data into secure data processing;
(e) receiving a secure representation of said input data from said secure data processing at said ADS-B transmitter system;
(f) communicating said secure representation of said input data and said ADS-B transmitter system's specific data and ID from said one or more ADS-B transmitter systems to said authenticator system;
(g) receiving said secure representation of said input data and said ADS-B transmitter system's specific data and ID communicated by said one or more ADS-B transmitter systems at said authenticator system;
(h) determining said one or more ADS-B transmitter system's secret data independently;
(i) inputting said unique identifier, said ADS-B transmitter system's specific data, ID and secret data for each of said one or more ADS-B transmitter systems into secure data processing of said authenticator system;
(j) receiving a secure representation of said input data from said secure data processing of said authenticator system data for each of said one or more ADS-B transmitter systems;
(k) inputting said authenticator system-generated secure representation of said input data and said ADS-B transmitter system-generated secure representation of said input data for each of said one or more ADS-B transmitter systems into comparison processing at said authenticator system; and
(l) authenticating said one or more ADS-B transmitter system's identity where said authenticator system-generated secure representation of said input data and said ADS-B transmitter system-generated secure representation of said input data are the same,
wherein said secure data processing at each of said two or more ADS-B equipped systems further comprises the steps of:
generating a secure data string of given length in a first secure data process wherein said first secure data process is a secure hash algorithm and said output of said first secure data process is a hash value;
inputting said secure data string generated by said first secure data process into a second secure data process wherein said second secure data process is a message authentication code (MAC) generator and said output of said second secure data process is a MAC; and
generating said secure representation of said input data in said second secure data process from said secure data string of given length, wherein said secure representation of said input data contains fewer bits than said secure data string from said first secure data process and said secure representation of said input data is 16 bits or less in length.
16. The method of claim 15 wherein said ADS-B transmitter system's specific data comprises at least a predetermined subset of the content of an ADS-B message.
17. The method of claim 15 wherein said ADS-B transmitter system's secret data comprises a secret-key.
18. The method of claim 17 further comprising generating said secret-key by inputting at least one of flight ID, personal identification number (PIN) of assigned pilot or other authorized personnel and said ADS-B transmitter system's mode S address into a key generation algorithm.
19. The method of claim 17 wherein determining said at least one ADS-B transmitter system's secret-key comprises a database look-up of said secret key.
20. An ADS-B secure authentication system comprising:
an authenticator system comprising:
a. means for generating and storing a unique identifier;
b. means for communicating said unique identifier to one or more ADS-B transmitter systems in an authentication challenge;
c. means for receiving said one or more ADS-B transmitter systems communication in response to said authentication challenge;
d. means for determining said one or more ADS-B transmitter system's secret-key;
e. means for securely processing input data comprising said unique identifier, said ADS-B transmitter system's secret-key, identification (ID) and specific data to generate a secure code for each of said one or more ADS-B transmitter systems;
f. means for comparing said authenticator system-generated secure code and said ADS-B transmitter system-generated secure code for each of said one or more ADS-B transmitter systems; and
g. means for authenticating said ADS-B transmitter system's identity where said authenticator system-generated secure code and said ADS-B transmitter system-generated secure code are the same; and
h. means for communicating a failed authentication comparison;
said one or more ADS-B transmitter systems comprising:
a. means for receiving said authentication challenge transmitted by said authenticator system;
b. means for securely processing said received unique identifier, said ADS-B transmitter system's secret-key, identification (ID) and specific data to generate a secure code; and
c. means for communicating said secure code and said ADS-B transmitter system's identification (ID) and specific data to said authenticator system in response to said authentication challenge,
wherein said means for securely processing at said authenticator system and said one or more ADS-B transmitter systems further comprises:
a first means for securely processing and generating a secure data string of given length from said input data wherein said first means for securely processing is a secure hash generator further comprising a secure hash algorithm and said output of said first means for securely processing is a hash value;
a second means for securely processing said secure data string of given length output from said first means for securely processing and generating said secure code wherein said second means for securely processing is a message authentication code (MAC) generator and said output of said second means for securely processing is a MAC, and, wherein said secure code contains fewer bits than said secure data string of given length from said first means for securely processing and said secure code is 16 bits or less in length.
21. The system of claim 20 further comprising a means for encrypting said ADS-B transmitter system identification (ID) and specific data prior to transmission to said authenticator system.
22. The system of claim 20 wherein said means for generating said secret-key comprises inputting at least one of flight ID, personal identification number (PIN) of assigned pilot or other authorized personnel and said ADS-B transmitter's mode S address into a key generation algorithm.
23. The method of claim 20 wherein determining said at least one ADS-B transmitter system's secret-key comprises a database look-up of said secret key.
24. The system of claim 20 wherein said second means for securely processing comprises truncating said secure data string of given length output from said first means for securely processing using a selection of bits that changes for each message according to a predetermined pattern of bit selection.
25. The system of claim 24 wherein said second means for securely processing further comprises changing said predetermined pattern of bit selection automatically at predetermined intervals.
26. The system of claim 20 wherein said second means for securely processing comprises selecting a predetermined subset of contiguous or non-contiguous bits from said secure data string of given length output from said first means for securely processing.
27. The system of claim 20 wherein said second means for securely processing comprises generating said secure code by truncating said secure data string of given length output from said first means for securely processing to a different and smaller number of bits.
28. The system of claim 20 wherein said means for communicating said unique identifier to said one or more ADS-B transmitter systems comprises transferring or sending said unique identifier using RF, light, sound, or other medium to send, receive or transfer said data.
US11/401,017 2006-04-04 2006-04-07 Secure ADS-B authentication system and method Active 2029-04-01 US7730307B2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US11/401,017 US7730307B2 (en) 2006-04-07 2006-04-07 Secure ADS-B authentication system and method
PCT/US2007/065759 WO2007115246A1 (en) 2006-04-04 2007-04-02 Secure ads-b authentication system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/401,017 US7730307B2 (en) 2006-04-07 2006-04-07 Secure ADS-B authentication system and method

Publications (2)

Publication Number Publication Date
US20070239986A1 US20070239986A1 (en) 2007-10-11
US7730307B2 true US7730307B2 (en) 2010-06-01

Family

ID=38576952

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/401,017 Active 2029-04-01 US7730307B2 (en) 2006-04-04 2006-04-07 Secure ADS-B authentication system and method

Country Status (1)

Country Link
US (1) US7730307B2 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120214420A1 (en) * 2009-10-22 2012-08-23 O'connor Daniel Aircraft Communication System
US20150212206A1 (en) * 2014-01-29 2015-07-30 Electronics And Telecommunications Research Institute Automatic dependent surveillance data protection method for air traffic management, and system for the same
US9116240B2 (en) 2012-04-04 2015-08-25 Mosaic Atm, Inc. System and method for ensuring ADS-B integrity of departing aircraft
US9476962B2 (en) 2013-05-02 2016-10-25 The Boeing Company Device, system and methods using angle of arrival measurements for ADS-B authentication and navigation
US20170053137A1 (en) * 2013-08-08 2017-02-23 Silicon Safe Limited Secure data storage
WO2019173216A1 (en) 2018-03-06 2019-09-12 Robust Analytics, Inc. Method and network to implement decentralized validation and authentication mechanisms to prevent ads-b cyber-attacks
US10650689B2 (en) 2016-11-01 2020-05-12 The Mitre Corporation Waveform authentication system and method

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7876259B2 (en) * 2006-11-06 2011-01-25 Leonard Schuchman Automatic dependent surveillance system secure ADS-S
FR2912578B1 (en) * 2007-02-13 2009-05-22 Airbus France Sas METHOD OF AUTHENTICATING AN ELECTRONIC DOCUMENT AND METHOD OF VERIFYING A DOCUMENT THUS AUTHENTICATED.
FR2945360B1 (en) * 2009-05-07 2011-07-15 Airbus France METHOD AND DEVICE FOR FACILITATING REALIZATION OF ALTITUDE CHANGE MANEUVER WITH REDUCED SPACES OF AN AIRCRAFT
US8656162B2 (en) * 2009-10-22 2014-02-18 Honeywell International Inc. Aeronautical security management over broadband air/ground network
CN101917273A (en) * 2010-08-26 2010-12-15 四川大学 ECC certificate-based ADS-B data authentication method
US20140046832A1 (en) * 2011-02-21 2014-02-13 Fintel Technologies, Inc. Methods to access, share and analyze information related to fraud, money laundering, terrorist financing and other specified unlawful activities
CN102215077B (en) * 2011-06-13 2012-10-03 四川大学 Automatic dependence surveillance-broadcast (ADS-B) accurate target location encryption method
CN104137469A (en) * 2012-12-05 2014-11-05 索尼公司 Information processor, verification processor, information processing method, verification processing meth od, and program
WO2016210400A2 (en) 2015-06-25 2016-12-29 Diebold, Incorporated Automated banking machine firmware flow control
EP3520096A4 (en) * 2016-03-17 2019-12-18 Airspace Systems Inc. System and method for aerial system discrimination and action
US10148653B2 (en) * 2016-12-14 2018-12-04 The Boeing Company Authenticating an aircraft data exchange using detected differences of onboard electronics
CN106961329B (en) * 2017-03-23 2020-02-14 电子科技大学 Method for solving confidentiality and integrity of ADS-B protocol
JPWO2019026833A1 (en) * 2017-08-04 2020-07-27 日本電産株式会社 Authentication system, electronic device used in the authentication system, and authentication method
US11022696B1 (en) * 2017-10-18 2021-06-01 George Mason University ADS-Bsec: a holistic framework to secure ADS-B
WO2021168037A1 (en) * 2020-02-18 2021-08-26 Bae Systems Controls Inc. Authenticating devices over a public communication network
CN113301508B (en) * 2021-04-25 2022-12-02 西北工业大学 Aircraft position estimation and deception detection method

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5539826A (en) 1993-12-29 1996-07-23 International Business Machines Corporation Method for message authentication from non-malleable crypto systems
US20020120584A1 (en) * 2000-04-11 2002-08-29 Hogan Edward J. Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US6463154B1 (en) 1998-08-28 2002-10-08 Lucent Technologies Inc. Method for determining temporary mobile identifiers and managing use thereof
US20030021417A1 (en) 2000-10-20 2003-01-30 Ognjen Vasic Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
US20030177094A1 (en) 2002-03-15 2003-09-18 Needham Bradford H. Authenticatable positioning data
US20040086121A1 (en) * 2002-10-31 2004-05-06 Sensis Corporation Secure automatic dependant surveillance
US6760778B1 (en) 1998-09-09 2004-07-06 At&T Wireless Services, Inc. System and method for communication between airborne and ground-based entities

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5539826A (en) 1993-12-29 1996-07-23 International Business Machines Corporation Method for message authentication from non-malleable crypto systems
US6463154B1 (en) 1998-08-28 2002-10-08 Lucent Technologies Inc. Method for determining temporary mobile identifiers and managing use thereof
US6760778B1 (en) 1998-09-09 2004-07-06 At&T Wireless Services, Inc. System and method for communication between airborne and ground-based entities
US20020120584A1 (en) * 2000-04-11 2002-08-29 Hogan Edward J. Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US20030021417A1 (en) 2000-10-20 2003-01-30 Ognjen Vasic Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
US20030177094A1 (en) 2002-03-15 2003-09-18 Needham Bradford H. Authenticatable positioning data
US20040086121A1 (en) * 2002-10-31 2004-05-06 Sensis Corporation Secure automatic dependant surveillance

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
Bellare, M. et al., "Message authentication using hash functions-the HMAC construction", Cryptobytes, RSA Laboratories, US, vol. 2, No. 1, 1996, pp. 12-15.
Donovan, Todd A., "Concept for an Integrated National Surveillance and Data Communication Infrastructure", Aerospace Conference, 2006 IEEE Big Sky, MT, USA, Mar. 4, 2006, pp. 1-14.
NIST. "The Keyed-Hash Message Authentication Code." Mar. 6, 2002. *
Samuelson, K. et al., "Enhanced ADS-B Research", Aerospace Conference, 2006 IEEE Big Sky, MT, USA, Mar. 4, 2006, pp. 1-7.
Tu, Kwei, "An ID-Based Cryptographic Technique for IFF", Military Communications Conference, 1995, Milcom '95, Conference Record, IEEE SanDiego, CA, USA, Nov. 5, 1995, vol. 3, pp. 1258-1262.
Van Sickle, Garth A., "Aircraft Self Reports for Military Air Surveillance", Digital Avionics Systems Conference, 1999 Proceedings, 18TH St. Louis, MO, vol. B.5/12, vol. 2 , Oct. 24, 1999, pp. 6D2.1-6D2.7.

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120214420A1 (en) * 2009-10-22 2012-08-23 O'connor Daniel Aircraft Communication System
US8909158B2 (en) * 2009-10-22 2014-12-09 Pilatus Flugzeugwerke Ag Aircraft communication system
US9116240B2 (en) 2012-04-04 2015-08-25 Mosaic Atm, Inc. System and method for ensuring ADS-B integrity of departing aircraft
US9476962B2 (en) 2013-05-02 2016-10-25 The Boeing Company Device, system and methods using angle of arrival measurements for ADS-B authentication and navigation
US10365374B2 (en) 2013-05-02 2019-07-30 The Boeing Company Device, system and methods using angle of arrival measurements for ADS-B authentication and navigation
US20170053137A1 (en) * 2013-08-08 2017-02-23 Silicon Safe Limited Secure data storage
US20190050598A1 (en) * 2013-08-08 2019-02-14 Silicon Safe Limited Secure data storage
US20150212206A1 (en) * 2014-01-29 2015-07-30 Electronics And Telecommunications Research Institute Automatic dependent surveillance data protection method for air traffic management, and system for the same
US10650689B2 (en) 2016-11-01 2020-05-12 The Mitre Corporation Waveform authentication system and method
WO2019173216A1 (en) 2018-03-06 2019-09-12 Robust Analytics, Inc. Method and network to implement decentralized validation and authentication mechanisms to prevent ads-b cyber-attacks
US10554412B2 (en) 2018-03-06 2020-02-04 Robust Analytics, Inc. Method and network to implement decentralized validation and authentication mechanisms to prevent ADS-B cyber-attacks

Also Published As

Publication number Publication date
US20070239986A1 (en) 2007-10-11

Similar Documents

Publication Publication Date Title
US7730307B2 (en) Secure ADS-B authentication system and method
WO2007115246A1 (en) Secure ads-b authentication system and method
Yang et al. A practical and compatible cryptographic solution to ADS-B security
CN110635893B (en) Vehicle-mounted Ethernet information security protection method
US20040086121A1 (en) Secure automatic dependant surveillance
US8577036B2 (en) Method and device for transmitting messages in real time
US20050005093A1 (en) Methods, systems and devices for securing supervisory control and data acquisition (SCADA) communications
CN108737323B (en) Digital signature method, device and system
US20060209843A1 (en) Secure spontaneous associations between networkable devices
Valovage Enhanced ads-b research
KR101675332B1 (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
CN107483415A (en) A kind of mutual authentication method of shared electricity consumption interactive system
CN112422276B (en) Method and system for realizing multi-party key agreement
US20220191040A1 (en) Devices and methods for the generating and authentication of at least one data packet to be transmitted in a bus system (bu), in particular of a motor vehicle
CN113079012A (en) Encryption/decryption technology for data protection of aviation ground-air data chain ACARS system based on state cryptographic algorithm
KR20190068172A (en) Secure Drone communication protocol
Viggiano et al. Secure ADS-B authentication system and method
CN116528228B (en) Internet of vehicles presetting and session key distribution method, communication method and system
Heinrich et al. Security analysis of the RaSTA safety protocol
CN112350823B (en) CAN FD communication method between vehicle-mounted controllers
Püllen et al. Securing FlexRay-based in-vehicle networks
CN111818023A (en) Data transmission method and data transmission system suitable for air-ground communication link
Mäurer et al. Pmake: Physical unclonable function-based mutual authentication key exchange scheme for digital aeronautical communications
CN114157447B (en) Unmanned equipment safety communication method based on block chain technology
RU2730368C1 (en) Method of cryptographic protection of communication channels between a ground control station and simultaneously several unmanned aerial vehicles

Legal Events

Date Code Title Description
AS Assignment

Owner name: SENSIS CORPORATION, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:VIGGIANO, MARC J.;VALOVAGE, EDWARD M.;REEL/FRAME:018068/0284;SIGNING DATES FROM 20060707 TO 20060711

Owner name: SENSIS CORPORATION,NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:VIGGIANO, MARC J.;VALOVAGE, EDWARD M.;SIGNING DATES FROM 20060707 TO 20060711;REEL/FRAME:018068/0284

AS Assignment

Owner name: CITIZENS BANK, N.A., PENNSYLVANIA

Free format text: SECURITY AGREEMENT;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:019605/0357

Effective date: 20070727

Owner name: CITIZENS BANK, N.A.,PENNSYLVANIA

Free format text: SECURITY AGREEMENT;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:019605/0357

Effective date: 20070727

AS Assignment

Owner name: NASA, DISTRICT OF COLUMBIA

Free format text: CONFIRMATORY LICENSE;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:020099/0370

Effective date: 20071025

Owner name: NASA,DISTRICT OF COLUMBIA

Free format text: CONFIRMATORY LICENSE;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:020099/0370

Effective date: 20071025

AS Assignment

Owner name: NASA, DISTRICT OF COLUMBIA

Free format text: CONFIRMATORY LICENSE;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:020874/0997

Effective date: 20071025

Owner name: NASA,DISTRICT OF COLUMBIA

Free format text: CONFIRMATORY LICENSE;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:020874/0997

Effective date: 20071025

AS Assignment

Owner name: SENSIS CORPORATION, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SAMUELSON, KENNETH B.;HALL, DANA L.;REEL/FRAME:021713/0476

Effective date: 20080930

Owner name: SENSIS CORPORATION,NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SAMUELSON, KENNETH B.;HALL, DANA L.;REEL/FRAME:021713/0476

Effective date: 20080930

AS Assignment

Owner name: RBS CITIZENS, NATIONAL ASSOCIATION AS ADMINISTRATI

Free format text: SECURITY AGREEMENT;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:023003/0321

Effective date: 20090723

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: SAAB SENSIS CORPORATION, DELAWARE

Free format text: CHANGE OF NAME;ASSIGNOR:SENSIS CORPORATION;REEL/FRAME:027717/0824

Effective date: 20110812

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.)

FEPP Fee payment procedure

Free format text: 7.5 YR SURCHARGE - LATE PMT W/IN 6 MO, LARGE ENTITY (ORIGINAL EVENT CODE: M1555)

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552)

Year of fee payment: 8

AS Assignment

Owner name: SAAB, INC., NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SAAB SENSIS CORPORATION;REEL/FRAME:053539/0780

Effective date: 20200818

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12